Medium severity5.4NVD Advisory· Published Dec 30, 2023· Updated Jun 17, 2026
CVE-2023-52265
CVE-2023-52265
Description
IDURAR (aka idurar-erp-crm) through 2.0.1 allows stored XSS via a PATCH request with a crafted JSON email template in the /api/email/update data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.